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REMARKS 

In response to the Office Action dated October 1, 2003, Applicants respectfully request 
reconsideration. To further the prosecution of the present application, each of the rejections set 
forth in the Office Action has been considered and is addressed below. The application is 
believed to be in condition for allowance. 

Rejections Under 35 U.S.C. §102 

Claims 1-13, 15-21, 23-41, 43-57, and 60-66 stand rejected under 35 U.S.C. § 102(e) as 
purportedly being anticipated by U.S. Patent No. 6,484,173 (herein referred to as O'Hare). 
Applicants respectfully traverse this rejection. 

Claim 48 has been amended to clarify the claim in a non-narrowing way, and claim 58 
has been amended to correct a typo in the number of the claim from which it depends. 

Overview of Embodiments of the Present Invention 
One embodiment of the present invention is directed to a technique for enabling a device 
to gain access to one or more devices on a shared resource. One application for use of this 
embodiment of the present invention relates to a storage system that may be shared by numerous 
host devices, with logical volumes or devices'on the storage system being made accessible to the 
plurality of host devices. 

A host may have privileges to both access data on a logical device and to also provide 
non-media access requests to the device. As defined in the specification at page 52, line 13, a 
non-media access request is: 

any command(s) requesting information relating to an identified logical volume 
that does not include accessing data stored by the network devices on a storage 
media of the storage device corresponding to the identified logical volume (e.g., 
not read commands, write commands, format commands, etc.). 
In conventional systems, a host will not have privileges to perform a non-media access request to 
a logical device unless it also has data access (e.g., read and/or write) privileges for that logical 
device. 
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Applicants discovered that it would be advantageous in some circumstances to provide a 
host with non-media access privileges for logical devices to which the host does not have data 
access privileges. An illustrative use for this aspect of the present invention is described in the 
specification starting at page 51, line 8. Providing these non-media access requests enables a 
host computer (e.g., computer systems from Hewlett Packard running the HP-UX operating 
system as described in the specification) to see all of the logical devices presented by the storage 
system (including those to which it does not have data access privileges), which is necessary to 
enable the host to have visibility to the logical devices to which it does have data access 
privileges. 

It should be appreciated that the embodiments of the present invention described in 
Applicants' claims are not limited to the particular example described above, which is provided 
merely for illustrative purposes to facilitate the Examiner's understanding of at least one 
application for the aspects of the present invention recited herein. Thus, the Examiner is urged to 
not rely upon the summary provided above for distinguishing the claims of the present invention 
over the prior art, but rather, to rely solely on the language of the claims themselves and the 
arguments presented below. 

1. O'Hare 

Initially, it is noted that O'Hare is commonly assigned, along with the present 
application, to EMC Corporation. It is believed that the invention recited in Applicants' claims 
patentably distinguish over O'Hare. 

O'Hare is directed to techniques for controlling access by a plurality of hosts to a shared 
storage system. In this respect, O'Hare notes that some shared storage systems may be provided 
in environments wherein multiple hosts sharing access to a storage system are not all controlled 
by a single entity (e.g., a single company), such that it is undesirable to allow indirect access by 
one host to the portions of the data storage device allocated to another host. (col. 1, lines 40-57). 
O'Hare specifically indicates that there is a risk of such unintended indirect access being 
provided through the use of system calls, which do not directly read and write data, but may 
cause one host to indirectly access data allocated to another, (col. 1, lines 34-39). Thus, implicit 
in O'Hare's disclosure is that a system administrator will not provide access privileges to one 



759305,1 




Serial No.: 09/751,684 



- 18- 



ArtUnit: 2187 



Conf.No.: 9139 

host to enable it to access portions of a storage resource allocated to another, but there is a risk of 
unintended and indirect access through the manner in which system call privileges are provided. 

In view of the foregoing, O'Hare is directed to techniques for controlling access to a 
shared storage device. As an example, O'Hare states that it may be desirable to inhibit system 
calls to certain ports in the storage device to prevent access to portions of a storage device 
allocated for use by other devices, (col. 7, lines 20-29). O'Hare discloses that a security 
configuration control module 68 (Fig. 3) can provide information indicating whether system calls 
are to be accepted at a port, and the information can take one of three values indicating either no 
override, open override (indicating that regardless of any other security configuration settings the 
port will accept system calls), and close override (indicating that irrespective of any security 
configuration settings the port will not accept system calls), (col. 8, lines 1-15). 

As shown in Fig. 5, O'Hare teaches that for one or more requestor groups and each of the 
available devices, access levels can be defined. Three types of access levels are shown, i.e., B, C 
and M, although O'Hare indicates that more than three potential access levels can be employed, 
(col. 11, lines 7-9). 

Fig. 6 illustrates a method for responding to an access request. Initially, in acts 204 and 
212, the method determines whether reject or pass overrides have been set, and then either denies 
or accepts the request accordingly. If no override is set, the method proceeds to process a 
number of steps to determine the ID of the requestor and the type of request, and then determines 
whether the request should be granted based upon the configuration settings for the appropriate 
requestor and the designated recipient device. 

O'Hare does not specifically state what the various configuration settings that can be 
employed are, and provides no teaching or suggestion whatsoever that a non-media access 
request to a logical device can be granted for a device that has no data access privileges to the 
logical device. 

2. Claim 1 Patentably Distinguishes Over O'Hare 

Claim 1 is directed to a method for managing access to a shared resource by a plurality 
of devices. The method includes acts of (a) in response to a non-media access request by a first 
of the plurality of devices to a logical device at the shared resource for which the first device has 
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no data access privileges, determining whether the first device is authorized to have non-media 
access to the logical device; and (b) authorizing the non-media access request when it is 
determined in the act (a) that the first device is authorized to have non-media access to the 
logical device. 

As mentioned above, there is simply no teaching or suggestion in O'Hare of authorizing a 
non-media access request to a logical device from a device that has no data access privileges for 
that logical device. The Office Action asserts that this feature of claim 1 is disclosed at col. 10, 
lines 13-14 of O'Hare, indicating that "this condition occurs when access control of the system 
includes read and write operations and when read and write operation access types are not 
allowed for the first device to the logical device at the shared resource; each requesting device is 
allowed access to certain regions of the shared resource for certain access types, refer to ClO- 
C14; Fig. 5 and Fig. 6." (Office Action pages 2-3). Applicants respectfiiUy disagree. 

At col. 10, lines 13-14, O'Hare simply discloses that for some system calls, the nature of 
the access control includes performing read and write operations, whereas other system calls 
involve the performance of only system administrative calls. This does not disclose what is 
recited in claim 1 for several reasons. 

First, to the extent a system call referenced by O'Hare includes performing read and write 
operations, such a system call would not meet the above-recited definition of a "non-media 
access request" as defined in the present application. 

Second, the cited sections of O'Hare do not disclose the authorizing of a non-media 
access request to a logical volume for a device that lacks data access privileges to that logical 
device. While the Office Action indicates that O'Hare teaches that each requesfing device is 
allowed access to certain regions of the shared resource for certain access types, that does not 
disclose what is recited in claim 1 . It should be appreciated that having the authorization to 
perform a non-media access typically requires a higher level of privilege than performing a data 
access, such that in most systems any device having privileges to perform a non-media access 
request would be expected to also have data access privileges. There is simply no teaching or 
suggestion in O'Hare to authorize a non-media access request to a logical device from a device 
that lacks data access privileges to that logical device. 
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As should be appreciated from the foregoing, claim 1 patentably distinguishes over 
O'Hare, such that the rejection of claim 1 under §102 as purportedly being anticipated by O'Hare 
should be withdrawn. 

Claims 2-14 depend from claim 1 and are patentable for at least the same reasons. 

3. Claim 15 Patentably Distinguishes Over O'Hare 

Claim 15 is directed to a method for managing access to a storage system by a plurality 
of devices, the storage system including a plurality of logical volumes of data. The method 
includes acts of: (a) maintaining, in a data structure that is accessible to a filter that controls 
access to each of the plurality of logical volumes, configuration information identifying each 
logical volume to which data access by a first device is authorized; (b) in response to a non- 
media access request by the first device to a first logical volume for which the first device has no 
data access privileges, determining whether the first device is authorized to have non-media 
access to the first logical volume; and (c) authorizing the non-media access request when it is 
determined in the act (b) that the first device is authorized to have non-media access to the first 
logical volume. 

As should be appreciated from the foregoing, O'Hare does not teach or suggest an act of 
authorizing a non-media access request to a logical volume from a device that does not have data 
access privileges for the logical volume. Therefore, it is respectfully asserted that claim 15 
patentably distinguishes over O'Hare, such that the rejection of claim 15 under §102 as being 
anticipated by O'Hare should be withdravm. 

Claims 16-27 depend from claim 15 and are patentable for at least the same reasons. 

4. Claim 28 Patentably Distinguishes Over O'Hare 

Claim 28 is directed to an apparatus for use in a computer system including a plurality of 
devices and a shared resource. The apparatus comprises, inter alia, at least one filter that is 
responsive to a non-media access request by a first of the plurality of devices to a logical device 
at the shared resource for which the first device has no data access privileges, to determine 
whether the first device is authorized to have non-media access to the logical device, and to 
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authorize the non-media access request when it is determined that the first device is authorized to 
have non-media access to the logical device. 

As should be appreciated from the foregoing, O'Hare does not teach or suggest an 
apparatus that includes at least one filter to authorize a non-media access request to a logical 
device from a device that has no data access privileges for the logical device. Therefore, claim 
28 patentably distinguishes over O'Hare, such that the rejection of claim 28 under §102 as being 
anticipated by O'Hare should be withdrawn. 

Claims 29-42 depend from claim 28 and are patentable for at least the same reasons. 

5. Claim 43 Patentably Distinguishes Over O'Hare 

Claim 43 is directed to a computer readable medium comprising a data structure relating 
to access management by a plurality of network devices to data stored on a plurality of logical 
devices. The data structure includes a plurality of records, each corresponding one of the 
network devices, and a first record corresponding to a first of the network devices and including 
configuration information identifying each of the logical devices to which data access by the first 
network device is authorized. The first record further includes visibility information identifying 
whether the first network device is authorized to have non-media access to a first of the plurality 
of logical devices when the configuration information corresponding to the first network device 
identifies that no data access to the first logical device from the first network device is 
authorized. 

As should be appreciated from the foregoing, there is no teaching or suggestion in 
O'Hare of providing a data structure relating to access management for network devices wherein 
a record in the data structure includes visibility information identifying whether a first network 
device that has no data access privileges to a first logical device is nevertheless authorized to 
have non-media access to the first logical device. Therefore, it is respectfully asserted that claim 
43 patentably distinguishes over O'Hare, such that the rejection of claim 43 under §102 as being 
anticipated by O'Hare should be withdrawn. 

Claims 44-47 depend from claim 43 and are patentable for at least the same reasons. 

6. Claim 48 Patentably Distinguishes Over O'Hare 
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Claim 48 is directed to an apparatus for use in a computer system including a plurality of 
devices in a storage system. The apparatus comprises, inter alia, a data structure that stores 
configuration information identifying each logical volume on the storage system to which data 
access by a first device is authorized, and at least one filter that is responsive to a non-media 
access request by the first device to a first logical volume for which the first device has no data 
access privileges, to determine whether the first device is authorized to have non-media access to 
the first logical volume and to authorize the non-media access request when it is determined that 
the first device is authorized to have non-media access to the first logical volume. 

As should be appreciated from the foregoing, O'Hare does not disclose an apparatus that 
comprises at least one filter to authorize a non-media access request to a first logical volume for 
a first device that has no data access privileges for the first logical volume. Therefore, it is 
respectfiiUy asserted that claim 48 patentably distinguishes over O'Hare, such that the rejection 
of claim 48 under §102 as being anticipated by O'Hare should be withdrawn. 

Claims 49-59 depend from claim 48 and are patentable for at least the same reasons. 

7. Claim 60 Patentably Disfinguishes Over O'Hare 

Claim 60 is directed to a storage system comprising a plurality of storage devices that 
store a plurality of logical volumes; a data structure to store configuration information; and a 
filter to selectively forward non-media access requests from a first network device to a first 
logical volume when the configuration information identifies that no data access to the first 
logical volume from the first network device is authorized. 

As should be appreciated from the foregoing, O'Hare does not teach or suggest a storage 
system that comprises a filter that selectively forwards non-media access requests from a first 
network device to a first logical volume when configuration information identifies that no data 
access to the first logical volume from the first network device is authorized. Therefore, it is 
respectfully asserted that claim 60 patentably distinguishes over O'Hare, such that the rejection 
of claim 60 imder §102 as being anticipated by O'Hare should be withdrawn. 

Claims 61-66 depend from claim 60 and are patentable for at least the same reasons. 
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CONCLUSION 



In view of the foregoing remarks, this application should now be in condition for 
allowance. A notice to this effect is respectfully requested. If the Examiner believes, after this 
amendment, that the application is not in condition for allowance, the Examiner is requested to 
call Applicants' attorney at the telephone number listed below to discuss any outstanding issues 
relating to the allowability of the application. 

If this response is not considered timely filed and if a request for an extension of time is 
otherwise absent, Applicant hereby requests any necessary extension of time. If there is a fee 
occasioned by this response, including an extension fee, that is not covered by an enclosed 
check, please charge any deficiency to Deposit Account No. 23/2825. 



Respectfully submitted, 

Steven M. Blumenau et aL, Applicant(s) 




Richard F. Giunta, Reg. No. 36,149 
Wolf, Greenfield & Sacks, P.C. 
600 Atlantic Avenue 
Boston, Massachusetts 02210-2211 
Telephone: (617) 720-3500 
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